Privilege Escalation Vulnerability in Linux OverlayFS Implementation

Privilege Escalation Vulnerability in Linux OverlayFS Implementation

CVE-2015-1328 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.